Public key cryptography was developed to assure the confidentiality, authenticity and non-repudiation of electronic communications and data storage. Also referred to as asymmetric cryptography, public key cryptography uses pairs of keys: public keys which may be disseminated widely, and private keys which are known only to the owner. The public key cryptography scheme accomplishes two functions: authentication, which is when the public key is used to verify that a holder of the paired private key sent the message, and encryption, whereby only the holder of the paired private key can decrypt the message encrypted with the public key.
In a public key encryption system, any person can encrypt a message using the public key of the receiver, but such a message can be decrypted only with the receiver's private key. For this scheme to work, it must be computationally easy for a user to generate a public and private key pair to be used for encryption and decryption. The strength of a public key cryptography system relies on the degree of difficulty (computational impracticality) for a properly generated private key to be determined from its corresponding public key. Security then depends only on keeping the private key private, and the public key may be published without compromising security.
During electronic communications, a party providing a service (referred to herein as a “verifier”) may require authentication of the platform requesting service (referred to herein as a “client platform”). This authentication creates two opposing security concerns. First, the verifier needs to ensure that the provided authentication information originated with a valid client platform running legitimate, verified software and not a malicious adversary emulating the client platform or causing the client platform to execute compromised software. Second, the user of a client platform is concerned with maintaining privacy of sensitive information. In particular, the user of the client platform wants to be able to provide authentication information to different verifiers without those verifiers being able to determine that the authentication information is coming from the same client platform.